Many newspaper subscribers all over the country were without copies of their papers on Saturday after a cyberattack causes some major problems with printing and delivery of several newspapers including the Los Angeles Times, the Chicago Tribune, the Baltimore Sun as well as the San Diego Union-Tribune…

https://deadline.com/2018/12/cyberattack-newspapers-los-angeles-times-chicago-tribune-wall-street-journal-new-york-times-1202527225/

The FBI has seized the domains of 15 high-profile distributed denial-of-service (DDoS) websites after a coordinated effort by law enforcement and several tech companies.

Several seizure warrants granted by a California federal judge went into effect Thursday, removing several of these “booter” or “stresser” sites off the internet “as part of coordinated law enforcement action taken against illegal DDoS-for-hire services.” The orders were granted under federal seizure laws, and the domains were replaced with a federal notice…

https://techcrunch.com/2018/12/20/fbi-ddos-booter-sites-offline/

It was bound to happen: Two-factor authentication (2FA) – that extra step that’s supposed to keep our devices and personal information safe – just no longer cuts it.

The idea behind 2FA is simple: You log into a given account using your user name and password from a new browser, location or device, and you get second authentication request, like a text with a temporary PIN.

You enter this temporary code and voila – you’re in. Because most hackers can’t access your phone, your account should be safe. Your Facebook and LinkedIn accounts already should have 2FA set up. If not, learn how to set up 2FA on your most popular accounts using my step-by-step guide…

https://www.usatoday.com/story/tech/columnist/komando/2018/12/20/why-you-should-get-secondary-phone-number-protect-yourself-online/2336163002/

Password-management company SplashData released its annual list of the 100 worst passwords of the year based on 5 million leaked passwords on the internet. The worst passwords continued to be “123456” and “password.”

Some of you have switched things up, as there are several new entries to this year’s list, like “donald” ranked at number 23, presumably inspired by President Donald Trump.

Check out the top 25 most used and least secure passwords of 2018 and whether yours made the cut…

https://www.businessinsider.com/worst-passwords-of-2018-2018-12

The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources…

https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Malware authors, ad farmers, and scammers are abusing a Firefox bug to trap users on malicious sites.

This wouldn’t be a big deal, as the web is fraught with this kind of malicious sites, but these websites aren’t abusing some new never-before-seen trick, but a Firefox bug that Mozilla engineers appear to have failed to fix in the 11 years ever since it was first reported back in April 2007…

https://www.zdnet.com/article/malicious-sites-abuse-11-year-old-firefox-bug-that-mozilla-failed-to-fix/

For all donut lovers out there, it’s time to reset your account passwords if you have been a customer of Dunkin Donuts. Allegedly, after facing a cyber attack, Dunkin Donuts reset passwords of its users’ accounts out of an abundance of caution. Fortunately, the company did not suffer any data security breach. However, the credential stuffing attack clearly shows that the hackers already possess users’ accounts login details…

https://latesthackingnews.com/2018/11/30/dunkin-donuts-resets-passwords-after-enduring-credential-stuffing-attack/